Safety First! Measures against Account theft: Improve the security of your account now!

Discussion in 'Official Announcements' started by Juturna, Nov 19, 2013.

Dear forum reader,

if you’d like to actively participate on the forum by joining discussions or starting your own threads or topics, please log into the game first. If you do not have a game account, you will need to register for one. We look forward to your next visit! CLICK HERE
Thread Status:
Not open for further replies.
  1. Juturna

    Juturna User

    Dear Community,

    Time and again we receive messages from users who have been the victims of account theft. This is a big concern for us, and we want to appeal to you once again: Never give your account details to anyone else! Nobody in our support and moderator teams needs your login data in order to help you!

    Every player who wants to change the login data or the e-mail address of a game account will have to confirm these changes in such an e-mail.

    Here’s how it works:
    • Securing Your Account
    • When you register for a game, enter the correct e-mail address.
    • Click on change profile on your DarkOrbit Main page and confirm the link we send you to the Email address you have entered.
    NOTICE: If you do not confirm the link, your game account will NOT be protected against account theft!
    • Changing Your Login Data
    A change in your access data must be confirmed immediately in an e-mail before the changes become active.
    • Change your username, your password or your e-mail address on a regular basis! The more often you do it, the safer your account will be. Remember those who change their information frequently are best protected against account theft.
    • Avoid using simple passwords! Your password should have a combination of capital and lower-case letters. Passwords such as "tree", "123456" or "abcde" are not safe!
    • Open your e-mail mailbox and confirm the link we send to you.
    • Afterwards, the changes to your account will become active. When you change your e-mail address, we will send a confirmation e-mail to both your old AND your new e-mail address.
    This may sound a bit complicated, but it really isn’t! These security measures protect your account from misuse, so for your own sake, you should be careful with your data and actively protect your account.

    Do you have any questions? Our supporters, moderators and admins are there to help you any time!

    Have fun and lots of success!

    Your DarkOrbit Team

    Thank you to Radovan & Terrorise for their assistance with this thread.

    Originally posted 07.04.2009 & 18.06.2009
     
  2. Juturna

    Juturna User

    General

    1. Validate your e-mail immediately after registration • Make sure your e-mail address is correct – check for spelling mistakes / no fake email addresses can be used

    • Ensure you have permanent access to your e-mail address
    • No "shared" email addresses should be used

    2. Choosing the right password: • Never use the same password as on other sites / email accounts, etc.

    • Never use your nickname as a password
    • Your email account password should not be the same as your game account password
    • Never use simple words or combinations of numbers, such as, "qwerty", "123456", "password" or something similar.
    • Change your password regularly
    • The password should contain both lowercase and uppercase letters, combinations of numbers as well as special characters
    • Never save passwords via the password reminder function in your browser
    • The longer and more complicated - the better; however, BP does have a character limit

    3. Spam and In-game Messaging • In-game messaging or chat (private rooms, group chat rooms) o Account theft by other users (e.g. I'll give you .. premium, game currency, etc., I need your password)

    o Account theft by alleged account exchange (e.g. Let's swap our accounts)
    o Account theft by fake admins (username that is similar to those of our admins, etc. ..) • Never give your password or other account data to others

    • Spam:
    o Check the sender address when receiving messages
    o Data changes: only click on the link if it was sent by us
    o In the official emails from Bigpoint, we will never ask you for your password​

    • Only add trusted people for your private messenger programs or social networks (Skype, ICQ, MSN, Facebook, etc):
    o The fraudsters may try to contact you with names that are similar to our Moderators: They may offer benefits, award positions within the team, or allegedly say they have to verify something, otherwise the account will be locked, but you should never reveal your login data.
    o Support/Moderators will never ask for your personal information!


    4. Programs/software that are not Bigpoint-verified or simply links from strangers, including bot programs, could be malicious applications (keylogger, trojan, etc). Users should, of course, never install anything.

    5. Private data

    Private data, such as your full name, birthdate or email address should never be revealed.

    6. Account sharing

    • Never share an account (it is also forbidden, according to Terms & Conditions). You never know if the person you have shared your account with will "turn" and steal the account.

    7. Phishing

    The most powerful weapon against phishing is common sense and the following rules that every user should oblige to.
    • If you are not a customer of the site delete the email immediately. Don't click on the link or reply.
    • If you are a customer and you are not sure if the email is legit do one of the following:
    • Contact the institute by phone or contact at the official website (do not use the email link of course) and ask if the mail is official.
    • Instead of using the link provided, open the website by typing in the official link there. The site should have news about the email on their starting page. (most of the time). If not, use 2a to verify the email. Thankfully though there are quite a few tools out there to aid and protect the user against phishing attacks.
    • Most web browsers these days come with phishing protection enabled. The lists that they use are usually updated several times a day. It has to be noted though that they only detect phishing websites that are already in the list.
    • Several email clients, like Mozilla Thunderbird, but also online email services, like Gmail or Yahoo Mail, make use of phishing protection as well.
    • Internet security programs do come with phishing protection as well.
    • Password managers can be an excellent aid. If you have saved the login for a website in the password manager you usually can login automatically (Last Pass for example supports that option). The password manager will only work on the real website and not the phishing website.

    The most powerful protection again is the user’s common sense. Here are a few pointers on how to detect if a website is real or a phishing site:

    • Check the url in the address bar. Is it pointing to the right website? Make sure you look close for chars that look similar, e.g. o and 0.
    • Is it an https website? Is the certificate valid?
    • Does the website look different? Open another web browser tab to enter the url manually just to be on the same side (if you have opened an external link)

    Firefox has a protection system for phishing, you can read more here:
    http://www.ghacks.net/2009/10/06/test-the-phishing-protection-in-firefox/

    For windows users and Internet explorer users here is info for you:
    http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9

    8. Liability

    The account owner is responsible at all times for the security of their account. This responsibility also includes selecting a secure password and keeping it confidential from third parties. Bigpoint cannot be held responsible for the loss of an account or account data. No data was changed, or taken, on our side and therefore we are unable to return the account to you.

    Your DarkOrbit Team


    Thank you to cbroo1 for their assistance with this thread.

    Originally posted 17.01.2012
     
Thread Status:
Not open for further replies.